database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-13 07:41:39 +03:00
Code Activity

Check that the data directory does not have group or world access; remove

Browse Source 
a similar check on postgresql.conf.
This commit is contained in:
Peter Eisentraut
2001-08-06 13:45:15 +00:00
parent 46e252141b
commit f487e3da68
2 changed files with 18 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/backend/utils/init/miscinit.c
View File

@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.73 2001/07/03 16:49:48 tgl Exp $
* $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.74 2001/08/06 13:45:15 petere Exp $
*
*-------------------------------------------------------------------------
*/
@ -120,6 +120,7 @@ void
SetDataDir(const char *dir)
{
char *new;
struct stat stat_buf;
AssertArg(dir);
@ -162,6 +163,21 @@ SetDataDir(const char *dir)
if (!new)
elog(FATAL, "out of memory");
}
/*
* Check if the directory has group or world access. If so, reject.
*/
if (stat(new, &stat_buf) == -1)
{
free(new);
elog(FATAL, "could not read permissions of directory %s: %s", new, strerror(errno));
}
if (stat_buf.st_mode & (S_IRWXG | S_IRWXO))
{
free(new);
elog(FATAL, "data directory %s has group or world access; permissions should be u=rwx (0700)", new);
}
if (DataDir)
free(DataDir);